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Remarks/Arguments 

these remarks are in response to the Office Action dated April 18, 2007. This 
reply is timely filed. At the time of the Office Action, claims 1-19 were pending in the 
application. Claims 1, 10, and 11-19 were rejected under 35 U.S.C. §101. Claims 1-9 
and 10-19 have been rejected under 35 U.S.C. 102(e). The rejections are set out in 
more detail below. 

I. Claim Rejections Under 35 U.S.C. S101 

Claims 1 , 10, and 1 1-19 were rejected under 35 U.S.C. §101, citing the claimed 
invention is directed to non-statutory subject matter. In this regard, the Examiner states 
that the subject matter recited in independent claims 1, 10, and 11 lacks a practical 
application since the subject matter fails to produce a useful, concrete, and tangible 
result. More specifically, the Examiner notes that the claimed subject matter provides 
for the granting of an entity's request if and only if, the entity doesn't complete a 
temporal access pattern, and the entity's predetermined access level meets the 
minimum access level of the first base node. The Examiner asserts that this conditional 
statement yields a tangible result only if access is granted, and therefore makes for a 
non-tangible result. In response, Applicants have amended the subject matter of 
independent claims 1 and 10 to include the following conditional statement: "denying 
said request if said access request completes a prohibited temporal access pattern for 
said entity." Applicants have also amended the subject matter of independent claim 1 1 
to include the following phrase: "wherein said processing means denies said request if 
said access request completes a prohibited temporal access pattern for said entity". 
Applicants believe that the currently amended independent claims 1, 10, 11 overcome 
• the Examiners rejection under 35 U.S.C. §101. 

II. Brief Review of Applicants' Invention 

Prior to addressing the Examiner's rejections on the art, a brief review of the 
Applicants* invention is appropriate. The invention relates to a method and apparatus 
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for using an adaptive lattice mechanism to enforce computer security. See paragraph 
[0023]. Generally, the method involves receiving in the computer system a request from 
an entity. See paragraphs [0009], [0033] and FIG. 6. The entity can be a user or a 
process and can have a predetermined access authorization level for access to a first 
base node representing an information type or a computer system function. See 
paragraph [0009]. The method also involves determining if the access request 
completes a prohibited temporal access pattern for the entity. See paragraphs [0009], 
[0033] and FIG. 6. 

In this regard, it should be appreciated that a temporal access pattern is defined 
by a temporal relation between two or more nodes. See paragraph [0028]. A temporal 
relation is an inter-propositional relation that communicates the ordering in time of 
events. See paragraph [0028] and FIG. 1. For example, a prohibited temporal access 
pattern of a node A is defined by a temporal relation between an item Ni and an item 
N 2j e.g., Ni-> N 2 . Thus, a temporal ordering at node A exists that the item Ni is 
accessed before the item N2- So, for the security policy associated with node A to be 
activated, not only must the item Ni and item N 2 be accessed but they must be 
accessed in the order indicated by the temporal relation. 

If it is determined that the access request completes a prohibited temporal 
access pattern for the entity, then the request is rejected. See paragraphs [0009], 
[0033] and FIG. 6. Otherwise, the method continues with a comparison of a minimum 
access level established for the first base node to the predetermined access 
authorization level assigned to the entity. See paragraphs [0009], [0035] and FIG. 6. If 
the minimum access level for the first base node does not exceed to the predetermined 
access authorization level, then access request is granted. See paragraphs [0009], 
[0035] and FIG. 6. However, if the minimum access level for the first base node 
exceeds the predetermined access authorization level assigned to the entity, then the 
access request is denied. See paragraphs [0009], [0035] and FIG. 6. 
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III. Claim Rejections Under 35 U.S.C. $102(e) 

Claims 1-9 and 10-19 have been rejected under 35 U.S.C. §1 02(e) as being 
taught by U.S. Patent Publication No. 2004/0044655 to Cotner ("Comer"). Cotner 
discloses and teaches a method of controlling access to a relational database. See 
paragraphs [0009], [0053], [0072]-[0084] and FIG. 7B. The method includes receiving a 
user request for data from the database, in which the request includes a request to 
perform a database operation and a user security label. See paragraphs [0009], [0073] 
and FIG. 7B. User security information is determined from the user security label. See 
paragraphs [0009], [0074] and FIG. 7B. In response to the user request, rows of data 
are retrieved from a table in the database that satisfy the database operation, in which 
the rows each have a security label. See paragraphs [0009], [0074] and FIG. 7B. The 
method further includes determining row security information for each of the retrieved 
rows based on the row's security label. See paragraphs [0009], [0074] and FIG. 7B. 
For each retrieved row the method determines whether the user is authorized to access 
the row based on the user security information and the row security information. See 
paragraphs [0009], [0074] and FIG. 7B. Only the rows for which the user is determined 
to have authorization to access are returned to the user. See paragraph [0009] and 
FIG. 7B. 

A. Independent Claims 1 and 10 

Claim 1 concerns a method for secure access to a computer system; Claim 10 
concerns a method for restricting access to a computer system having logical base 
nodes representing an information type and/or a computer system function. Claims 1, 
10 recite in relevant part "determining if an access request completes a prohibited 
temporal access pattern for an entity". Claims 1,10 also recite in relevant part "granting 
the access request only if it does not complete a prohibited temporal access pattern for 
the entity". Claims 1,10 further recite in relevant part "denying the request if the access 
request completes a prohibited temporal access pattern for said entity." 
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Upon review of the Cotner reference, it becomes readily apparent that it fails to 
disclose and/or teach the step of "determining if an access request completes a 
prohibited temporal access pattern for an entity". It also becomes readily apparent that 
the Cotner reference fails to disclose and/or teach granting or denying an access 
request based on the outcome of the determination step. Instead, the Cotner reference 
teaches a method for controlling access to a relational database based solely on 
security levels. See paragraphs [0009], [0053], [0072]-[0084] and FIG. 7B. 
Accordingly, a person skilled in the art may interpret the Cotner reference as failing to 
teach temporal access patterns and an access request control technique utilizing 
temporal access patterns. 

It should be noted that the Examiner opines that paragraph [0034] of the Cotner 
reference discloses and/or teaches the step of "determining if an access request 
completes a prohibited temporal access pattern for an entity". However, Applicants 
have reviewed the cited paragraph [0034] and can find no such teaching. In this regard, 
it should be appreciated that the cited paragraph [0034] discloses and teaches user 
security labels identifying certain security levels, such as top secret, secret, and 
unclassified. The cited paragraph [0034] also discloses and teaches permitting access 
to data by determining if the user has the proper security level to view the data. In 
effect, the cited paragraph [0034] fails to disclose and/or teach an access request 
control technique that involves determining if an access request completes a prohibited 
temporal access pattern for an entity. 

In view of the forgoing, the Cotner reference fails to disclose and teach the steps 
recited in claims 1,10. Accordingly, Applicants request reconsideration and allowance 
of pending claims 1,10. Claims 3-9 are believed to be in condition for allowance at 
least by virtue of their dependence upon an allowable base claim. Accordingly, 
reconsideration and allowance of claims 3-9 is also requested. 

B. Independent Claim 11 

Claim 1 1 concerns a secure computer system. Claim 11 recites in relevant part 
M a secure computer system comprising a temporal access table." Claim 11 also recites 
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in relevant part u a secure computer system comprising a processing means 
programmed for comparing an access request to the temporal access table to 
determine if the access request completes a prohibited temporal access pattern for an 
entity." Claim 1 1 further recites in relevant part that the "processing means denies the 
request if the access request completes a prohibited temporal access pattern for the 
entity and grants the access request only if it does not complete a prohibited temporal 

access pattern for the entity." 

Upon review of the Cotner reference, it becomes readily apparent that it fails to 
disclose and/or teach a secure computer system comprising a temporal access table. It 
also becomes readily apparent that the Cotner reference fails to disclose and/or teach a 
processing means programmed for comparing an access request to the temporal 
access table to determine if the access request completes a prohibited temporal access 
pattern for an entity. Instead, the Cotner reference teaches a secure computer system 
configured for controlling access to a relational database based solely on security 
levels. See paragraphs [0009], [0053], [0072]-[0084] and FIG. 7B. Accordingly, a 
person skilled in the art may interpret the Cotner reference as failing to teach temporal 
access patterns and a means for implementing an access request control technique 
utilizing temporal access patterns. 

It should be noted that the Examiner opines that paragraphs [00030] and [0034] 
of the Cotner reference disclose and/or teach a temporal access table. However, 
Applicants have reviewed the cited paragraphs [00030], [0034] and can find no such 
teaching. 

In view of the forgoing, the Cotner reference fails to disclose and teach the 
subject matter claimed in claim 11. Accordingly, Applicants request reconsideration and 
allowance of pending claim 1 1 . Claims 13-19 are believed to be in condition for 
allowance at least by virtue of their dependence upon an allowable base claim. 
Accordingly, reconsideration and allowance of claims 13-19 is also requested. 
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IV. Conclusion 

Applicants have made every effort to present claims which distinguish over the 
prior art, and it is believed that all claims are in condition for allowance. Nevertheless, 
Applicants invite the Examiner to call the undersigned if it is believed that a telephonic 
interview would expedite the prosecution of the application to an allowance. In view of 
the foregoing remarks, Applicants respectfully request reconsideration and prompt 
allowance of the pending claims. 



Respectfully submitted, 





Date 



Robert J. Sacco 
Registration No. 35,667 
SACCO & ASSOCIATES, P.A. 
P.O. Box 30999 

Palm Beach Gardens, FL 33420-0999 
Tel: 561-626-2222 
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